The Ultimate Guide to WordPress and GDPR Compliance – Everything You Need to Know

May 22,2018 Leave a Reply Cybersecurity, Digital Marketing, Email Marketing, Security, Social Media Marketing, Website Design Compliance, data privacy, EU, GDPR, personal data

GDPR-general-data-protection-regulation. Internet-business-safety.

This is a concise, simple explanation of GDPR brought to you by Syed Balkhi and his Editorial Staff of WordPress experts.

Are you confused by GDPR, and how it will impact your WordPress site? GDPR, short for General Data Protection Regulation, is a European Union law that you have likely heard about. We have received dozens of emails from users asking us to explain GDPR in plain English and share tips on how to make your WordPress site GDPR compliant. In this article, we will explain everything you need to know about GDPR and WordPress (without the complex legal stuff).

Disclaimer: We are not lawyers. Nothing on this website should be considered legal advice.

To help you easily navigate through our ultimate guide to WordPress and GDPR Compliance, we have created a table of content below:

Table of Content

What is GDPR?

The General Data Protection Regulation (GDPR) is a European Union (EU) law taking effect on May 25, 2018. The goal of GDPR is to give EU citizens control over their personal data and change the data privacy approach of organizations across the world.

You’ve likely gotten dozens of emails from companies like Google and others regarding GDPR, their new privacy policy, and bunch of other legal stuff. That’s because the EU has put in hefty penalties for those who are not in compliance.

Fines

Basically after May 25th, 2018, businesses that are not in compliance with GDPR’s requirement can face large fines up to 4% of a company’s annual global revenue OR €20 million (whichever is greater). This is enough reason to cause wide-spread panic among businesses around the world.

This brings us to the big question that you might be thinking about:

Does GDPR apply to my WordPress site?

The answer is YES. It applies to every business, large and small, around the world (not just in the European Union).

If your website has visitors from European Union countries, then this law applies to you.

But don’t panic, this isn’t the end of the world.

While GDPR has the potential to escalate to those high level of fines, it will start with a warning, then a reprimand, then a suspension of data processing, and if you continue to violate the law, then the large fines will hit.

The EU isn’t some evil government that is out to get you. Their goal is to protect consumers, average people like you and me from reckless handling of data / breaches because it’s getting out of control.

The maximum fine part in our opinion is largely to get the attention of large companies like Facebook and Google, so this regulation is NOT ignored. Furthermore, this encourage companies to actually put more emphasis on protecting the rights of people.

Once you understand what is required by GDPR and the spirit of the law, then you will realize that none of this is too crazy. We will also share tools / tips to make your WordPress site GDPR compliant.

The goal of GDPR is to protect user’s personally identifying information (PII) and hold businesses to a higher standard when it comes to how they collect, store, and use this data.

The personal data includes: name, emails, physical address, IP address, health information, income, etc.

While the GDPR regulation is 200 pages long, here are the most important pillars that you need to know:

Explicit Consent – if you’re collecting personal data from an EU resident, then you must obtain explicit consent that’s specific and unambiguous. In other words, you can’t just send unsolicited emails to people who gave you their business card or filled out your website contact form because they DID NOT opt-in for your marketing newsletter (that’s called SPAM by the way, and you shouldn’t be doing that anyways).

For it to be considered explicit consent, you must require a positive opt-in (i.e no pre-ticked checkbox), contain clear wording (no legalese), and be separate from other terms & conditions.

Rights to Data – you must inform individuals where, why, and how their data is processed / stored. An individual has the right to download their personal data and an individual also has the right to be forgotten meaning they can ask for their data to be deleted.

This will make sure that when you hit Unsubscribe or ask companies to delete your profile, then they actually do that (hmm, go figure). I’m looking at you Zenefits, still waiting for my account to be deleted for 2 years and hoping that you stop sending me spam emails just because I made the mistake of trying out your service.

Breach Notification – organizations must report certain types of data breaches to relevant authorities within 72 hours, unless the breach is considered harmless and poses no risk to individual data. However if a breach is high-risk, then the company MUST also inform individuals who’re impacted right away.

This will hopefully prevent cover-ups like Yahoo that was not revealed until the acquisition.

Data Protection Officers – if you are a public company or process large amounts of personal information, then you must appoint a data protection officer. Again this is not required for small businesses. Consult an attorney if you’re in doubt.

To put it in plain English, GDPR makes sure that businesses can’t go around spamming people by sending emails they didn’t ask for. Businesses can’t sell people’s data without their explicit consent (good luck getting this consent). Businesses have to delete user’s account and unsubscribe them from email lists if the user asks you to do that. Businesses have to report data breaches and overall be better about data protection.

Sounds pretty good, in theory at least.

Ok so now you are probably wondering what do you need to do to make sure that your WordPress site is GDPR compliant.

Well, that really depends on your specific website (more on this later).

Let us start by answering the biggest question that we’ve gotten from users:

Yes, as of WordPress 4.9.6, the WordPress core software is GDPR compliant. WordPress core team has added several GDPR enhancements to make sure that WordPress is GDPR compliant. It’s important to note that when we talk about WordPress, we’re talking about self-hosted WordPress.org (see the difference: WordPress.com vs WordPress.org).

Having said that, due to the dynamic nature of websites, no single platform, plugin or solution can offer 100% GDPR compliance. The GDPR compliance process will vary based on the type of website you have, what data you store, and how you process data on your site.

Ok, so you might be thinking what does this mean in plain English?

Well, by default WordPress 4.9.6 now comes with the following GDPR enhancement tools:

Comments Consent

By default, WordPress used to store the commenters name, email and website as a cookie on the user’s browser. This made it easier for users to leave comments on their favorite blogs because those fields were pre-populated.

Due to GDPR’s consent requirement, WordPress has added the comment consent checkbox. The user can leave a comment without checking this box. All it would mean is that they would have to manually enter their name, email, and website every time they leave a comment.

Data Export and Erase Feature

WordPress offers site owners the ability to comply with GDPR’s data handling requirements and honor user’s request for exporting personal data as well as removal of user’s personal data.

The data handling features can be found under the Tools menu inside WordPress admin.

Privacy Policy Generator

WordPress now comes with a built-in privacy policy generator. It offers a pre-made privacy policy template and offers you guidance in terms of what else to add, so you can be more transparent with users in terms of what data you store and how you handle their data.

These three things are enough to make a default WordPress blog GDPR compliant. However, it is very likely that your website has additional features that will also need to be in compliance.

As a website owner, you might be using various WordPress plugins that store or process data like contact forms, analytics, email marketing, online store, membership sites, etc.

Depending on which WordPress plugins you are using on your website, you would need to act accordingly to make sure that your website is GDPR compliant.

A lot of the best WordPress plugins have already gone ahead and added GDPR enhancement features. Let’s take a look at some of the common areas that you would need to address:

Google Analytics

Like most website owners, you’re likely using Google Analytics to get website stats. This means that it is possible that you’re collecting or tracking personal data like IP addresses, user IDs, cookies and other data for behavior profiling. To be GDPR compliant, you need to do one of the following:

Anonymize the data before storage and processing begins
Add an overlay to the site that gives notice of cookies and ask users for consent prior to tracking

Both of these are fairly difficult to do if you’re just pasting Google Analytics code manually on your site. However, if you’re using MonsterInsights, the most popular Google Analytics plugin for WordPress, then you’re in luck.

They have released an EU compliance addon that helps automate the above process. MonsterInsights also has a very good blog post about all you need to know about GDPR and Google Analytics (this is a must read if you’re using Google Analytics on your site).

Contact Forms

If you are using a contact form in WordPress, then you may have to add extra transparency measures especially if you’re storing the form entries or using the data for marketing purposes.

Below are the things you might want to consider for making your WordPress forms GDPR compliant:

Get explicit consent from users to store their information.
Get explicit consent from users if you are planning to use their data for marketing purposes (i.e adding them to your email list).
Disable cookies, user-agent, and IP tracking for forms.
Make sure you have a data-processing agreement with your form providers if you are using a SaaS form solution.
Comply with data-deletion requests.
Disable storing all form entries (a bit extreme and not required by GDPR). You probably shouldn’t do this unless you know exactly what you’re doing.

The good part is that if you’re using WordPress plugins like WPForms, Gravity Forms, Ninja Forms, Contact Form 7, etc, then you don’t need a Data Processing Agreement because these plugins DO NOT store your form entries on their site. Your form entries are stored in your WordPress database.

Simply adding a required consent checkbox with clear explanation should be good enough for you to make your WordPress forms GDPR compliant.

WPForms, the contact form plugin we use on WPBeginner, has added several GDPR enhancements to make it easy for you to add a GDPR consent field, disable user cookies, disable user IP collection, and disable entries with a single click.

Email Marketing Opt-in Forms

Similar to contact forms, if you have any email marketing opt-in forms like popups, floating bars, inline-forms, and others, then you need to make sure that you’re collecting explicit consent from users before adding them to your list.

This can be done with either:

Adding a checkbox that user has to click before opt-in
Simply requiring double-opt-in to your email list

Top lead-generation solutions like OptinMonster has added GDPR consent checkboxes and other necessary features to help you make your email opt-in forms compliant. You can read more about the GDPR strategies for marketers on the OptinMonster blog.

WooCommerce / Ecommerce

If you’re using WooCommerce, the most popular eCommerce plugin for WordPress, then you need to make sure your website is in compliance with GDPR.

The WooCommerce team has prepared a comprehensive guide for store owners to help them be GDPR compliant.

Retargeting Ads

If your website is running retargeting pixels or retargeting ads, then you will need to get user’s consent. You can do this by using a plugin like Cooke Notices.

There are several WordPress plugins that can help automate some aspects of GDPR compliance for you. However, no plugin can offer 100% compliance due to the dynamic nature of websites.

Beware of any WordPress plugin that claims to offer 100% GDPR compliance. They likely don’t know what they’re talking about, and it’s best for you to avoid them completely.

Below is our list of recommended plugins for facilitating GDPR compliance:

MonsterInsights – if you’re using Google Analytics, then you should use their EU compliance addon.
WPForms – by far the most user-friendly WordPress contact form plugin. They offer GDPR fields and other features.
Cookies Notice – popular free plugin to add an EU cookie notice. Integrates well with top plugins like MonsterInsights and others.
Delete Me – a free plugin that allows users to automatically delete their profile on your site.
OptinMonster – advanced lead generation software that offers clever targeting features to boost conversions while being GDPR compliant.
Shared Counts – instead of loading the default share buttons which add tracking cookies, this plugin load static share buttons while displaying share counts.

We will continue to monitor the plugin ecosystem to see if any other WordPress plugin stands out and offer substantial GDPR compliance features.

Final Thoughts

Whether you’re ready or not, GDPR will go in effect on May 25, 2018. If your website is not compliant before then, don’t panic. Just continue to work towards compliance and get it done asap.

The likelihood of you getting a fine the day after this rule goes in effect are pretty close to zero because the European Union’s website states that first, you’ll get a warning, then a reprimand and fines are the last step if you fail to comply and knowingly ignore the law.

The EU is not out to get you. They’re doing this to protect user’s data and restore people’s trust in online businesses. As the world goes digital, we need these standards. With the recent data breaches of large companies, it’s important that these standards are adopted globally.

It will be good for all involved. These new rules will help boost consumer confidence and in turn help grow your business.

We hope this article helped you learn about WordPress and GDPR compliance. We will do our best to keep it updated as more information or tools get released.

If you liked this article, then please subscribe to our YouTube Channel. You can also find us on Twitter and Facebook.

Additional Resources

GDPR Hysteria Part I and Part II by Jacques Mattheij
Data protection infographic by European Commission
Principles of the GDPR by European Commission
GDPR and MonsterInsights – everything you need to know
GDPR Enhancement Features for Your WordPress Forms
GDPR Compliance for WooCommerce Stores
GDPR and OptinMonster – Good read if you have email marketing opt-in forms

Legal Disclaimer / Disclosure

We are not lawyers. Nothing on this website should be considered legal advice. Due to the dynamic nature of websites, no single plugin or platform can offer 100% legal compliance. When in doubt, it’s best to consult a specialist internet law attorney to determine if you are in compliance with all applicable laws for your jurisdictions and your use cases.

WPBeginner founder, Syed Balkhi, is also the co-founder of OptinMonster, WPForms, and MonsterInsights.

Samsung is working on a phone design that would finally be more exciting than any iPhone

May 4,2018 Leave a Reply Android, Smartphones, Technology Galaxy S10, Galaxy X, iPhone, samsung

A report from a solid source that just hit the wire on Friday morning suggests that Samsung may finally have a launch schedule in place for its mysterious new Galaxy X. The company first confirmed that it was working on a smartphone with a foldable display back in 2017. At the time, a Samsung executive said that the company was targeting 2018 for the phone’s release, but numerous reports have since stated that the phone’s debut has been pushed back to 2019. Honestly, that’s a very good thing, and it’s uncharacteristic for Samsung. The company has been known to rush out new products long before they’re ready for primetime, so it’s refreshing to see Samsung take a step back and make sure it gets things right before releasing the Galaxy X.
According to this new report, the phone will have a 3.5-inch screen on the outside and the approximate equivalent of two 3.5-inch displays on the inside. When it folds open, its total screen area will be in the high 6-inch range. It’s a nifty idea and the Galaxy X could be truly impressive if Samsung manages to use a folding OLED panel so there’s no seam where the hinge is placed. But to be frank, it’s really not all that appealing to me. The device is bound to be awkwardly thick, and I’m not sure gaining a diagonal inch is worth dealing with the large size, the inevitable hit to battery life, or the weird aspect ratio.As it turns out, Samsung is in the early stages of working on a radical new smartphone design that would be completely unlike anything we’ve seen before.

Did you catch that part that began at the 57 second mark? Panasonic demoed a television with a display that is completely transparent when it’s turned off. It’s absolutely incredible, and I need 10 of them right now. If you go back a bit to the 37 second mark, you can see another awesome design that puts a transparent display on the front of a wine cooler, but this time Panasonic only lights up part of the screen at a time. This way, the panel can display information but you can still see the wine inside the cooler.

By now you probably see where we’re going with this. What would happen if Samsung took these technologies and shrunk them down so they could fit in your pocket? Well, you would end up with one of the most exciting and novel new smartphone designs the world has ever seen.

The regulatory filing hawks over at Patently Mobile just dug up a pair of patents that were awarded to Samsung this week by the United States Patent and Trademark Office. As illustrated in the technical drawing above, the patents cover a smartphone with a transparent design. That would be… awesome.

As you might have surmised after watching the video above, a Samsung phone with a transparent display could light up the entire screen and be used just like a regular smartphone. But portions of the display could show graphics while other portions remain transparent, resulting in an augmented reality experience the likes of which the world has never seen on a smartphone.

Samsung first showed off fully functional transparent displays all the way back in 2015, so the company has been working on this technology for quite a while now. Of course, that doesn’t mean a smartphone with a transparent display will launch anytime soon. In fact, even with these new patents brought to light, Samsung may never launch a phone with a transparent display. Companies constantly work on new technologies that never see the light of day — bet let’s hope that’s not the case here because this device could be the most exciting smartphone the world has ever seen.

By Zach Epstein @zacharye

New Exploit: PDF Files Can Be Abused to Steal Windows Credentials

May 1,2018 Leave a Reply Cybersecurity, Security malicious code, malware, PDF, phishing

PDF files can be weaponized by malicious actors to steal Windows credentials (NTLM hashes) without any user interaction and only by opening a file, according to Assaf Baharav, a security researcher with cyber-security company CheckPoint.

This means a curious end user who opens a PDF attachment they did not ask for can be pnwed in about 15 seconds. Good thing this nasty is not in the wild just yet…

Baharav published research this week showing how a malicious actor could take advantage of features natively found in the PDF standard to steal NTLM hashes, the format in which Windows stores user credentials.

“The PDF specification allows loading remote content for the GoToE & GoToR entries,” Baharav told Bleeping Computer. More detail and links at the KnowBe4 blog:
https://blog.knowbe4.com/pdf-files-can-be-abused-to-steal-windows-credentials

5 Reasons Your Business Needs HTTPS

Apr 24,2018 Leave a Reply Cybersecurity, Google Chrome, Security, Technology, Website Design https, secure, secure websites, SSL

5 Reasons Your Business Needs HTTPS

The rules have changed about what good website security means—starting with a new minimum requirement for all website pages to support encrypted connections. The good news is you’ll gain other valuable benefits by adhering to this new standard. First, let’s get on the same page by reviewing a few basics.

What’s HTTPS?

When your customers land on a web page that’s not protected by any type of SSL Certificate they’ll see http:// at the beginning of the website address in the browser bar. This used to be perfectly fine unless your webpage involved a login ID, password, form or payments. Enter the era of mega cybercrime.

HTTP has one glaring flaw—it’s not secure. Any information transmitted via an HTTP connection is vulnerable to being tampered with, misused or stolen. Your visitors deserve to know any data they share with you is safe from prying eyes.

Installing an SSL Certificate changes the browser bar address to https:// to clearly show visitors the connection is encrypted, meaning the server is authenticated and data is protected in transit. No wonder web browsers have made HTTPS the new standard for website security.

HTTPS Is Good for Your Bottom Line

Enabling encrypted connections is one great reason to protect your website with an SSL Certificate. But, it’s not the only reason. Here are some other ways HTTPS brings value to your business:

Speeds Up Performance—Being the slow kid on the block and the last one picked for dodgeball is a bummer. Being slow online could cost you everything. HTTP is being replaced by a newer faster version—HTTP/2. Encrypted connections are required to unlock the latest speed and security features.
Increases Search Engine Traffic—Google includes SSL as a ranking factor. How’d you like to boost your search visibility up to 5%? Be found above the competition by encrypting every page of your website.
Enables Mobile Options—Salesforce reports 71% of marketers believe mobile is core to their business. Mobile’s most popular features—geolocation, motion orientation, microphone, fullscreen and camera access—require HTTPS to be enabled by most browsers
Protects Your Brand Reputation—A recent CA Security Council Report shows a mere 2% of customers would proceed past the “Not Secure” warnings that are due to kick in July 1 for all web pages without HTTPS connections. Show visitors your brand values their security by protecting your website with an SSL Certificate.
Delivers a Seamless Experience—Don’t let visitors engage with several pages on your site only to be get broadsided with a “Not Secure” warning on pages you haven’t protected. They’ll reward you for taking the extra steps to give them an end-to-end encrypted experience.

Identity Validation Matters, Too

HTTPS is no longer optional if you want to build relationships and a business online. The good news it adds a lot of value to your business. But, SSL Certificates do more than enable HTTPS.
They also authenticate or validate your identity so visitors know it’s really you on the other end of their connection. We’re here to help you find the right level of validation based on your goals.

Click here to learn more and request pricing for the purchase and installation of your SSL Certificate.

HP goes up against the iPad Pro with its $599 Chromebook x2

Apr 9,2018 Leave a Reply Google Chrome, Technology Apple, chromebook, hp, ipad pro

HP goes up against the iPad Pro with its $599 Chromebook x2

By Jacob Kastrenakes @jake_k Apr 9, 2018

Two weeks ago, Acer announced the first tablet running Chrome OS. And today, HP is announcing the second — and it’s a lot higher end.

It’s called the Chromebook x2, and it’s very much designed to go after the iPad Pro. It has a 12.3-inch screen (the larger iPad Pro has a 12.9-inch screen), docks with a keyboard cover, and supports stylus input.

The big benefit here is that the full package is available for much, much cheaper: the Chromebook x2 costs $599 in its base configuration and comes bundled with the keyboard cover and stylus. The iPad starts at $649 for the (smaller) tablet on its own, and you’ll have to spend $1,067 if you want the 12.9-inch model with a keyboard and pen. So if you’re thinking about using a tablet (with a non-traditional operating system) as a portable computer, HP will get you there for way cheaper.

The Chromebook x2 has a Core m3 processor from Intel’s prior generation of Kaby Lake chips, 4GB of RAM (it can be configured with 8GB, too), 32GB of storage, a 2400 x 1600 resolution, stereo speakers, a 5 megapixel front camera, a 13 megapixel rear camera, two USB-C ports, a Micro SD card slot, a headphone jack, and an estimated 10.5 hours of battery life. It weighs a little bit more than an iPad Pro, and it’s a little bit thicker than an iPad Pro, but not by much.

In a briefing, HP also emphasized that the keyboard was designed to hold firmly enough to the tablet that it should feel like a clamshell laptop when the two are connected. I haven’t seen the Chromebook x2 in person, but HP’s images make it look relatively nice — like a combination of Google’s Pixelbook, with its metal and glossy white top, and Microsoft’s Surface Laptop, with its soft and colorful keyboard.

The Chromebook x2 seems to have a lot of potential, but there are some big questions — and not just around whether the hardware is as good as it looks. The real open question is whether Chrome OS is cut out to work on a tablet. Google has been overhauling the operating system to work better with touchscreens for a couple years now, but it’s still very much a desktop system (it’s based around the Chrome desktop browser and its display of desktop websites, after all). That’s likely to limit how useful it is, especially in comparison to an iPad, which was designed for touch from the ground up.

And while the Chromebook x2 looks like a bargain compared to the iPad, it’s expensive for a Chromebook, which people often buy for around $300. At $600, you enter into the world of lower-cost Windows computers, which this product will have to compete with, too.

HP plans to launch the Chromebook x2 sometime in June. And from the looks of it, we could see a few more Chrome OS tablets before then.

Everyone Wants A Secure Web

Mar 20,2018 Leave a Reply Cybersecurity, Google Chrome, Security, SEO, Website Design secure websites, SSL

A secure web is here to stay.

by Emily Schechter, Chrome Security Product Manager

For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as “not secure”. Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”.

In Chrome 68, the omnibox will display “Not secure” for all HTTP pages.

Developers have been transitioning their sites to HTTPS and making the web safer for everyone. Progress last year was incredible, and it’s continued since then:

Over 68% of Chrome traffic on both Android and Windows is now protected
Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
81 of the top 100 sites on the web use HTTPS by default

Contact us today to make your visitors comfortable by securing your website.

Chrome is dedicated to making it as easy as possible to set up HTTPS. Mixed content audits are now available to help developers migrate their sites to HTTPS in the latest Node CLI version of Lighthouse, an automated tool for improving web pages. The new audit in Lighthouse helps developers find which resources a site loads using HTTP, and which of those are ready to be upgraded to HTTPS simply by changing the subresource reference to the HTTPS version.

Lighthouse is an automated developer tool for improving web pages.

Chrome’s new interface will help users understand that all HTTP sites are not secure, and continue to move the web towards a secure HTTPS web by default. HTTPS is easier and cheaper than ever before, and it unlocks both performance improvements and powerful new features that are too sensitive for HTTP. Developers, check out our set-up guides to get started.

Here’s Everything New in Android P Developer Preview 1 for the Google Pixel/XL and Pixel 2/XL

Mar 9,2018 Leave a Reply Android, Smartphones Android P, Google Pixel

By Mishaal Rahman

Here’s Everything New in Android P Developer Preview 1 for the Google Pixel/XL and Pixel 2/XL

Google dropped a bombshell on us today—the first Android P Developer Preview. Widely expected to release this month, the first Android 9.0 builds are now available for the Google Pixel, Google Pixel XL, Google Pixel 2, and Google Pixel 2 XL. Unfortunately, support has been dropped for the Google Pixel C, Google Nexus 5X, and Google Nexus 6P. Android P Developer Preview 1 brings a plethora of changes to the mix, and in this article we’ll be diving in to list most of what we’ve found on the surface level.

What’s New in Android P Developer Preview 1 for the Google Pixel and Pixel 2 series

Summary

Here’s a summary of all of the changes below in bullet point format. We recommend you take a cursory glance at this, but scroll down to see screenshots/videos and a description of each new change.

User Interface changes in Android P Developer Preview 1
- New UI for settings/quick settings
- New notification style for messages
- New transition/notification expansion animations
- Updated Pixel Launcher with voice search icon and more prominent dock
- Battery saver no longer shows orange warning
- Always on display shows battery info and centers notifications
- New Easter Egg.
- About phone screen now shows additional info in a popup window.
Quality of Life changes in Android P Developer Preview 1
- Built-in screenshot editor.
- Screenshot button in power menu
- Text selection zoom (like iOS)
- Battery saver can now be scheduled.
- Do Not Disturb has been simplified down to a single mode
- Volume buttons now control media volume by default
- Adaptive Brightness is now much more useful as it actually changes the base brightness level
- Hotspot can be turned off automatically if no devices are connected
- Rotation can be locked to landscape mode
- Multi-Bluetooth HFP/A2DP support
- Individual Wi-Fi networks can now be set to metered/unmetered
- Private DNS (DNS-over-TLS)
- Vibration controls in Accessibility Settings
- Accessibility option to disable all animations
- SysTrace tool is now built-in
- Recently posted notifications are now shown in notification settings

UI Changes

Material Design 2?

Although it doesn’t have a name yet (we strongly believe it will be called Material Design 2), Android’s user interface has received a fresh coat of paint. The most notable areas where Android P has made changes are to the quick settings tiles (now vertically paginated rather than horizontally) and to the settings pages, but there are also more minor changes to the status bar that we should take note of.

As you can see in the screenshots above, the icons in settings all have distinct colors now. In comparison, the settings icons in Android Oreo were a dull, muted gray color. The quick settings toggles, meanwhile, are all now rounded and are blue when enabled. Unfortunately, we’ve lost the ability to expand quick settings tiles within the notification shade.

If you look at the status bar, it looks like the clock has been shifted to the left. This may be in preparation for more devices with a display notch (…maybe the Google Pixel 3?), but I like the idea as it makes the status bar icons/text seem more evenly distributed.

(Oh, and if you’ll notice, Night Light now tells you when it will turn on in its quick settings tile).

New Notification Style for Messages

This one may be a bit controversial. As you can see in the screenshots above, notifications have a new style. Full conversations can now be shown as can stickers and images. Smart replies are also there, similar to what the Reply app offers.

When you long-press on a notification, the buttons now show “stop notifications” or “keep showing.” A quick way to decide if you want notifications from an app without diving into settings.

New Transition Animations

This one is big, and almost immediately noticeable. There are new animations for transitioning between activities, and new animations for opening an activity from the notifications. We’ve captured them on video so you can see what they look like.

Media and USB Dialog Changes

A few more areas have gotten redesigned. The Bluetooth media output list can now show up as a popup when you press on the arrow key in the volume panel, and speaking of which, the volume panel now shows up on the side of the screen rather than up top! The USB settings page has also gotten a quick redesign.

Pixel Launcher

A very subtle change in the Pixel Launcher (which has already been ported to other devices) is that the search bar now has a microphone icon so you can start a voice search. The background is now also more prominent, so it’s clearer where the dock begins and the rest of the launcher ends.

Battery Saver No Longer Shows Orange Warning Bar

Yes! One of the biggest visual annoyances is now gone. Previously if you enabled Battery Saver mode, it would enable an ugly orange overlay on top of the navigation and status bar. This is no longer the case in Android P.

Google Pixel 2 Always on Display Now Shows Battery Info, Adds Divider Between Time/Notifications

The Google Pixel 2 and Pixel 2 XL are the first Google phones to have an always on display feature. In Android Oreo, the feature only shows you the current time, date, whether an alarm is set, and icons from current notifications. It also supported the phone’s “Now Playing” feature which added the title of the currently playing background song. At the very, very bottom, now Android P also adds information about the device’s charging state/battery life. Furthermore, there’s a new divider in between the time and notification information. Finally, the notifications themselves are centered.

Android P Easter Egg and New About Phone Behavior

Well, there’s a new Easter Egg. It’s definitely not the final thing, as the official name for P has not yet been confirmed. Something more interesting is the new behavior for the About Phone page. Information is now shown in a popup window when you tap on certain elements.

Quality of Life Improvements

Screenshot Editor

This is something that Android has sorely needed for quite some time. Before, if you wanted to edit a screenshot on a Google phone, you would have to install a third-party screenshot editing app. Now, taking a screenshot shows a new “Edit” button which opens up a basic screenshot editor. (It should be noted that most device makers have had such a feature for awhile now).

Screenshot in Power Menu

No longer will you have to fumble around with key combinations to take a screenshot. It’s right there in the power menu!

Text Selection Zoom

When you use the text selector to move back and forth through text, it will now zoom in to better show the text you are scrolling through. Here’s a quick video:

Scheduled Battery Saver

By default, Android Oreo only allows you to schedule battery saver mode at 5 and 15% of remaining battery. Android P expands on that by giving you a slider to choose a precise battery level you want battery saver to activate on!

Do Not Disturb Simplification

The Do Not Disturb quick settings toggle now shows the duration activity, which is nice for you to quickly modify its state. They’ve gotten rid of the 3 modes, total silence, alarms only, and priority only, and instead there’s only a single mode that you can customize in settings.

Media Volume By Default

Rejoice! When you press the volume keys, media volume is now the default volume stream that is controlled! No more need to remap keys or use any funky workarounds! As for call volume, it is now separate, and only active when you’re in a call.

Adaptive Brightness Now Actually Changes the Base Brightness

Google’s Adaptive Brightness now appears to change the brightness percentage now, making it behave more like the previous Automatic Brightness feature. This means you won’t have to manually change the brightness when you go outside to even see the display!

Turn Off Hotspot Automatically if No Devices are Connected

This will be a welcome addition to the hotspot feature. You can now have hotspot automatically turn itself off if there are no devices currently connected. This will ensure you don’t drain your device’s battery when hotspot isn’t actively being used.

Thanks Jay Kapoor.

Rotation can now be Locked to Landscape Mode

This change is very, very subtle and easy to miss. I missed it initially, but one of our readers tipped us that if you disable “Auto-rotate” and try to flip the screen, a new navigation bar button will be shown which changes the orientation to landscape and locks it there. Previously, rotation lock would only lock the device to portrait mode. Here’s a quick video:

Thanks Jay Kapoor.

Multi-Bluetooth HFP/A2DP Support

A new developer option has been added which allows your device to connect to up to 5 Bluetooth Hands-Free or A2DP devices. This does not allow you to stream to multiple devices at the same time, but it will make switching between active Bluetooth connections much more seamless as you won’t have to wait for the disconnection/connection process each time.

Set Wi-Fi Network as Metered/Unmetered

If you are connected to a Wi-Fi network that is metered (AKA there’s a data limit), then you have to be careful with how much you download or upload. Android can automatically detect when a network is metered, but in those rare cases where it doesn’t, you can now manually specify a network as metered.

Private DNS (DNS-Over-TLS)

If you have a DNS that supports TLS, meaning the service won’t record the domains that you visit, then there’s a new setting you can change to enable a private DNS provider hostname.

Vibration Controls

Within Accessibility Settings there’s a new vibration control setting. This allows you to set whether or not you want vibrations on or off for ring & notifications, or for touch. You can also choose a low, medium, or high duration vibration.

Quickly Disable Animations

Also within Accessibility Settings is a setting that turns off all animations. We’re not sure how useful this will be since most of us know how to do so from Developer Options, but hey it’s there if you want a quick universal toggle.

SysTrace Tool

This one should interest only developers, but Google now offers a way to easily capture SysTrace from the device. No need to hook up your phone anymore. This will allow you to collect traces that you can then analyze later. This comes in the form of a new quick setting tile.

Last Shown Notifications

Android has always kept a record of notifications (in the notification log), but it has been hidden from users for years. In the notification settings, Android P will at least show a history of a handful of notifications, but it won’t show you the content. Instead, the aim is to have a brief record so you can remove access from a nasty notification that you accidentally dismissed.

Feature Flags to Test In-Development Settings

This might disappear in a subsequent release, but in developer settings you can toggle a few flags much like Google Chrome’s feature flags. Currently it’s not very useful, but this may include more in-development settings in the future.

The new release of Android P Developer Preview 1 for the Google Pixel, Google Pixel XL, Google Pixel 2, and Google Pixel 2 XL is massive. We’re doing our best to find everything we can, but it’s possible we might miss something. Please, if you install the update and notice something new that we haven’t already found, send us a tip and you could get a free month of XDA Ad-Free if we write an article based on your tip!

Love the new look of Android P? Here’s how you can get it on any Android phone right now

Mar 8,2018 Leave a Reply Android, Smartphones android

The idea that Google would release the first developer preview of its next-generation mobile operating system on Pi Day (March 14 — or 3/14) was a nice one. After all, rumors suggest that Android P could end up launching as “Android Pie,” so serving up the first developer build on Pi Day would’ve been a very Googly thing to do — whether the move was a hint at the new version’s release name or just some fun trolling. Instead, Google decided to surprise everyone with an unexpected Android P release on Wednesday, and Android fans spent the rest of the day checking out all of the new features baked into Google’s newest OS.

While there will likely be several additional new features added to Android P before it’s released to the public this fall, it seems clear that Android P will not be a massive update. As a matter of fact, many of the new features Google is highlighting in Android P are, dare we say, a bit boring. 2018 may turn out to be a year of refinement for both of the world’s top mobile platforms though, because Apple is also rumored to be shifting focus in iOS 12 away from exciting new features so that it can work on improving stability and performance.

Even still, there are definitely some great new additions in Android P, and one of them can be yours right now.

Even if you have a Pixel or Pixel 2 smartphone that’s able to run Google’s first Android P Developer Preview, we strongly suggest that you fight temptation. It’s natural for Android enthusiasts to want to check out Google’s latest and greatest Android features as soon as possible, but the first build of Android P is nowhere near being ready for public consumption. It’s best suited to developer devices, not the phone you carry with you all the time.

Even if you fight the urge to update your Pixel phone — or if you have some other Android phone that isn’t even compatible with the Android P Developer Preview — there’s still a way that you can get a taste of Android P.

Everyone seems to love the new look of Android P’s home screens, which have gotten a terrific refresh in Android P. The top of the screen is largely unchanged, but the dock is completely different. The new look is great, but far more important is the fact that it puts the Google search bar right at the bottom of the screen where users can easily access it. Here’s a screenshot from Android news blog Droid Life:

We love it, but not quite enough to install an incomplete, potentially buggy version of Android P. Luckily we don’t have to. Droid Life has managed to get its hands on the official Android P launcher, which is an updated version of the Pixel Launcher found in Android Oreo. Want to check out the awesome new launcher on your own Android phone? You can download it right here

5 Reasons To Buy Samsung’s Galaxy S9 Over The Apple iPhone X

Mar 1,2018 Leave a Reply Smartphones, Technology iPhone, samsung, Samsung Galaxy S9, smartphones

The Samsung Galaxy S9 and S9+. Photo credit: AP Photo/Manu Fernandez

The launch of Samsung’s new flagship Galaxy S9 means it’s time to ask the only question that matters – is it worth your money?

Or, more specifically, is it worth your money instead of the iPhone X? Don’t forget to check out my breakdowns and comparisons for most recent flagship smartphones.

It’s jacked

Who knew something as simple as the headphone jack would become such a contentious battleground for smartphone makers? With the other major Android phone – Google’s Pixel 2 – following Apple’s lead by removing the headphone jack, Samsung has smartly kept the 3.5mm connection.

Of the three big smartphone makers – Apple, Google and Samsung, only the latter has kept this technology, which is good marketing for the Korean company. Also, as someone who has tested various devices and lived with no headphone jack for the last year – this is a good consumer move.

Forget arguments about audio quality and design principles, having the headphone jack is better than not having it in purely practical terms – especially if you don’t want to venture into the murky world of wireless headphones yet.

Fingerprint scanner

Another feature that has disappeared – or is at least disappearing – from the Apple line of smartphones. Whilst Apple paves a new biometric path, Samsung revisits familiar ground by keeping its fingerprint scanner with a small location improvement.

Perhaps “location improvement” is a bit unfair, the much-maligned slightly-off-center reader was always an odd choice. It almost perfectly reflected the Galaxy’s image as a left-of-center choice of smartphone against the ever-popular iPhone.

But with a lower, central position, it’s easier to reach for small hands, more intuitive and gives users a familiar option to log-in to their device or authorize mobile payments. And, whilst Samsung is pushing its own biometric security tech “Intelligent Scan”, the Galaxy maker is smart enough not to force it upon its users as the only unlocking option….yet.

Super, super slow motion

Samsung’s new snapper has some impressive specs and features, more on that below – but one feature that stands out is the 960 fps slow motion. Check out my colleague Ian Morris’ hands-on below to see how good it is in action.

This isn’t exactly breaking new ground, Sony had similar slow-motion tech at a higher resolution (1080p) in the XZ Premium, but it’s still excellent on the S9 and obviously, it’s better than the iPhone X’s 240fps slow motion.

Always listening, desperate to be liked

This is less of a phone specific reason and more of a reason to buy Samsung devices over Apple devices in general. Simply, Samsung listens. Let’s take the S9 for example, Samsung took the criticism of the fingerprint sensor and moved it, it also kept the headphone jack – which is a debate that’s yet to be settled.

Samsung has form here, too. It kept the removable battery in the Galaxy S5 when others were heading over to a locked design, it also brought back expandable storage after removing it in the Galaxy S6. Where Apple forges ahead with new concepts – that may or may not work – and forces it upon iPhone fans, Samsung is so eager to please its entire strategy and roadmap is completely malleable. For consumers, that’s a good trait.

Price

Both the S9 and S9+ are cheaper than the cheapest iPhone X ($719 and $839 Vs. $999). That’s a big saving for an arguably on-par device.

Jay McGregor , CONTRIBUTOR Opinions expressed by Forbes Contributors are their own.

Jay McGregor is the editor-in-chief of a new documentary publication called Point. He also reports for The Guardian, TechRadar, BBC Radio and others. Follow on YouTube: youtube.com/pointreport

So you think you’re careful? It can happen to you.

Feb 26,2018 Leave a Reply Cybersecurity, Security, Technology phishing, social engineering attack, vishing

Scam artist hacker using laptop. Hacking the Internet - high resolution.

Someone on Reddit described how he was the victim of a very sophisticated social engineering attack. Wow, this is crafty. This is the story:

“I have different passwords for every website I log into, 2-factor authentication when possible; I thought I knew all the scams and could spot them a mile away. This one still got me.

I was meeting a friend at a bar. Two drinks in I got a call from someone identified by my phone as Wells Fargo. I’m fully aware this could be spoofed, but it did not raise alarm bells yet. I was at a bar I did not frequent and have gotten calls from my bank before on suspicious charges that were legit, so I answered expecting this to be the case.

The person I spoke with said they were with Wells Fargo and they’ve identified fraudulent charges on my account but they need to verify my identity before they can discuss details. They said they sent me a text message (via the cell number they just called, which is my first clue this is phishing). They asked me to read back to them the 6-digit number just texted me to verify my ID.

Being two drinks in, slightly expecting what this was about, I had zero alarm bells going off. My bad, this was stupid of me. I read the number to them. They suggested it timed out and I needed to read another number they texted to me. Minimal time had passed, a mild spidy sense was tingling, but I still was not concerned enough to ask questions and read them a second 6-digit code.

This person then read off 5 recent charges on my account, 4 of which I recognized as legit and a 5th that was a $1000 charge to a credit card I did not own. I immediately identified this as a fraudulent charge and they said: “no prob dude, we’ll freeze your card and send you a new one”. They even gave me the last 4 on the card it was coming from. I was appeased enough to continue (sadly).

Finally, they said they sent me one final 6-digit code to confirm that they were crediting my account back with the $1000 fraudulent charge. I just needed to read off the final code they texted to me. At this point, things seem weird to me but they got me at a good time. I was 2 drinks in, was interrupted from hanging with a close friend I hadn’t seen in months and was outside trying desperately to avoid the loud noise inside the bar but still dealing with traffic noise outside. I just wanted to be done with this. I read them the final code and they thanked me and hung up.

At this point, I see why my phone had been vibrating constantly through this call. I had 4 emails from Wells Fargo. 1) Your username has been reset, 2) your password has been reset, 3) Welcome to Zelle! an awesome $$$ forwarding service, 4) You’ve just forwarded $1000!!!!!

I called Wells Fargo via the number on the back of my card. After being on hold for 45 min trying to get the fraud department, I start to tell my story only to have the call drop (I’m pretty sure they hung up on me). I called back and was on hold for 1 hour 20 min (my account has been compromised >2 hours by this time) to get a second person. He told me this was a scam they’ve been dealing with for 3 months and I needed to go into a branch with 2 forms of ID to deal with it. There was nothing he could do tonight.

TL;DR: Dude spoofed Wells Fargo when calling me on my cell, requested a reset of my username, password, and approval for $1000 transfer. I stupidly read off the confirmation numbers I received via text to him, he entered them into Wells Fargo website to approve all these requests. Wells Fargo has known their customers have been getting scammed for 3 months and didn’t bother to warn anyone. I now have to go into a branch, hang my head and tell my shameful story to a person and beg for access to my account because someone else has control of it all night tonight.”

Good lesson to be learned: Never, ever give any kind of confidential data to someone WHO CALLS YOU. Always call back to the number on the back of your card.

Tech Blog - Spearhead Multimedia

Table of Content

What is GDPR?

What is required under GDPR?

Is WordPress GDPR Compliant?

Areas on Your Website that are Impacted by GDPR

Best WordPress Plugins for GDPR Compliance

Final Thoughts

Additional Resources

Legal Disclaimer / Disclosure

HP goes up against the iPad Pro with its $599 Chromebook x2

A secure web is here to stay.

Here’s Everything New in Android P Developer Preview 1 for the Google Pixel/XL and Pixel 2/XL

What’s New in Android P Developer Preview 1 for the Google Pixel and Pixel 2 series

Summary

UI Changes

Material Design 2?

New Notification Style for Messages

New Transition Animations

Media and USB Dialog Changes

Pixel Launcher

Battery Saver No Longer Shows Orange Warning Bar

Google Pixel 2 Always on Display Now Shows Battery Info, Adds Divider Between Time/Notifications

Android P Easter Egg and New About Phone Behavior

Quality of Life Improvements

Screenshot Editor

Screenshot in Power Menu

Text Selection Zoom

Scheduled Battery Saver

Do Not Disturb Simplification

Media Volume By Default

Adaptive Brightness Now Actually Changes the Base Brightness

Turn Off Hotspot Automatically if No Devices are Connected

Rotation can now be Locked to Landscape Mode

Multi-Bluetooth HFP/A2DP Support

Set Wi-Fi Network as Metered/Unmetered

Private DNS (DNS-Over-TLS)

Vibration Controls

Quickly Disable Animations

SysTrace Tool

Last Shown Notifications

Feature Flags to Test In-Development Settings